MantisBT: master-1.2.x 610da6ec

Author Committer Branch Timestamp Parent
rombert rombert master-1.2.x 2013-01-18 15:22 master-1.2.x bbc6b4f3
Affected Issues  0015373: CVE-2013-0197 XSS vulnerability with match_type filter
Changeset

filter api: always treat FILTER_PROPERTY_MATCH_TYPE as an int value

Based on @dregad's comments, this follows up on @dhx's fix.

Fixes 0015373: XSS vulnerability

mod - core/filter_api.php Diff File
mod - view_all_set.php Diff File